// app.js
const express = require('express');
const bodyParser = require('body-parser');
const cors = require('cors');
const authRoutes = require('./routes/auth');
const movieRoutes = require('./routes/movies');
const reviewRoutes = require('./routes/reviews');
const userRoutes = require('./routes/users');
const recommendationRoutes = require('./routes/recommendations');
const { authenticateToken, isAdmin } = require('./middlewares/authMiddleware');

const app = express();

app.use(cors({
  //origin: ['http://localhost:5173', 'http://localhost:3000'], // 允许的前端地址
  origin: '*',
  methods: ['GET', 'POST', 'PUT', 'DELETE'],
  credentials: true, // 允许携带凭据（如 cookie）
}));
app.use(bodyParser.json());

app.use('/auth', authRoutes);
app.use('/movies', authenticateToken, movieRoutes);
app.use('/reviews', authenticateToken, reviewRoutes);
app.use('/users', authenticateToken, isAdmin, userRoutes); // 新增用户管理路由
app.use('/recommend', authenticateToken,recommendationRoutes );

module.exports = app;